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Critical US 
Infrastructure 
Extremely Vulnerable 
To Cyberattacks 

Industrial Control Systems (ICS) are often used to 
support critical infrastructure around the world 
but, unfortunately, they were not designed with 
cybersecurity in mind, and certainly not for the 
modern loT-based ecosystem. Recently, many ICS 
panels for both public and private infrastructure 
in the US were found extremely vulnerable and 
unprotected to cyberattacks. 


Uncovering the truth about 
vulnerable ICS 

Recently, CyberNews researchers found a number 
of unprotected and accessible Industrial Control 
Systems across the United States. 

• Researchers found that a large number of 
ICS access points—particularly in water and 
energy sectors—vulnerable to cyber attacks. 
These vulnerable infrastructures were 
identified by scanning IP blocks for open 
ports in the US IP address range as part of 
an internet mapping project. 

• Hackers could misuse search engines 
dedicated to scanning such open ports, 
helping them to attack offshore and onshore 
oil wells, as well as public and private water 
distribution and treatment systems. 

• Any adversary with a specific skill set and a 
special interest can exploit vulnerable 
systems to take control of multiple oil silos, 
coastal oil wells, shut off the water supply, 
make drinking water unsafe to consume, 
damage an entire town's sewer system, 
thereby physically affecting thousands. 


Recent cyberattacks on ICS 
systems 

There have been several incidents in the past 
when attackers targeted the ICS systems by using 
some specific malware or vulnerability. 

• In July 2020, FortiGuard Labs observed that 
the EKANS ransomware group targeted ICS 
systems and a variety of applications by 
using a different methods including turning 
the security firewalls off. 

• In March 2020, Kwampirs actors infected 
software supply chain vendors including 
products used to manage industrial control 
system (ICS) assets in global healthcare 
entities. 


In essence 

The state-sponsored actors can cause untold 
amounts of damage in the US - to the civilian 
population, the local economies, and the 
environment by using these vulnerable systems. 
These types of attacks can cause material losses 
and production downtime for the whole system. 
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